From c4ad1aba9860e02fe03ef3f58a047964e9e765fc Mon Sep 17 00:00:00 2001
From: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Date: Tue, 22 Oct 2019 16:08:24 +0200
Subject: CVE-2019-14889: misc: Add function to quote file names

The added function quote file names strings to be used in a shell.
Special cases are treated for the charactes '\'' and '!'.

Fixes T181

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
---
 include/libssh/misc.h | 8 ++++++++
 1 file changed, 8 insertions(+)

(limited to 'include/libssh/misc.h')

diff --git a/include/libssh/misc.h b/include/libssh/misc.h
index 543de04f..4f0b9439 100644
--- a/include/libssh/misc.h
+++ b/include/libssh/misc.h
@@ -51,6 +51,12 @@ struct ssh_timestamp {
   long useconds;
 };
 
+enum ssh_quote_state_e {
+    NO_QUOTE,
+    SINGLE_QUOTE,
+    DOUBLE_QUOTE
+};
+
 struct ssh_list *ssh_list_new(void);
 void ssh_list_free(struct ssh_list *list);
 struct ssh_iterator *ssh_list_get_iterator(const struct ssh_list *list);
@@ -88,4 +94,6 @@ void ssh_log_hexdump(const char *descr, const unsigned char *what, size_t len);
 
 int ssh_mkdirs(const char *pathname, mode_t mode);
 
+int ssh_quote_file_name(const char *file_name, char *buf, size_t buf_len);
+
 #endif /* MISC_H_ */
-- 
cgit v1.2.3